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[Abstract] 

[Problem to be solved] To provide an authentication technology which does not excessively 
complicate authentication information held by authenticated member users and does not force on 
member users too many operations than before. 

[Solution] A personal authentication system comprises: member data reading means for reading 
member data (for example, the address or the domicile of a member user); area data obtaining 
means for obtaining from a PHS carrier (PP) area data (D2) of a PHS terminal device (20) owned 
by a member; processing means for determining whether area data (D2) matches member data; 
and output means, when as a result of a determination of the processing means area data 
matches member data, for producing an output for allowing a user to continue to receive services 
from a service provider (AA), and when area data does not match member data, for producing an 
output for preventing a user from receiving services from a service provider (AA). 
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[Detailed Description of the Invention] 

[0001] 

[Field of the Invention] The present invention relates to a personal authentication system and a 
personal authentication method, and specifically to a system and a method for improving the 
accuracy of an authentication performed in the time of a transaction using electronic means such 
as on-line communications or a credit card. 
[0002] 

[Prior Art] So far, when a contract or a transaction is made using electronic means, a person 
using electronic means is authenticated on the basis of a personal identification code or a 
password. For example, in an on-line service (or Internet communications), to make a 
transaction between an on-line service member and an on-line service provider, an on-line 
service member sends application information using a personal computer and a telephone line, 
and a computer system provided in an on-line service provider receives the application 
information. In such a case, to check the authenticity of the on-line service member, the following 
method is used so far. 

[0003] In advance, PC users make a service contract with an on-line service provider, and the 
provider determines a member ID number and a password and notifies the users of them. The 
provider, when receiving an access request from a user, requests the user to enter a pre- 
registered member ID number and password. When the user enters a member ID number and a 
password, the provider checks them against authorized member information recorded in the 
provider. When they match the authorized member information, the provider identifies the user 
as an authorized member user. The provider assumes order information sent during the 
communication to be information sent by the authorized member user, and accepts the order 
information. 

[0004] Also, to check the authenticity of authorized contractor more strictly, the provider limits a 
time period when a user is allowed to enter a member ID number and a password or, when a 
user mistakenly enter them more than predetermined times, assumes the user to be unauthorized 
user and terminate the connection from the user. As a result, unauthorized users are precluded. 
[0005] 

[Problem to be Solved by the Invention] However, the above methods for precluding 
unauthorized users are rendered ineffective, for example, if a hacker breaks into a transmission 
gate or a modem of a computer of an authorized member user to obtain the member ID number 
and the password. Pre-assigned member ID numbers and passwords, if any other person knows 
them by some means, becomes ineffective as means for authentication. 

[0006] To prevent hackers from illegally obtaining member ID numbers and passwords, there 
used a method of encoding communications between authorized member users and a provider to 
ensure the security of the communications. However, no matter how advanced and complicated 
means for preventing illegal obtainments of passwords, etc. may become, the means can not be 
the ultimate solution against hackers who develop more advanced illegal obtainment means. 
[0007] This type of incident has occurred when using banking cards or credit cards. Since an 
authorized member user often uses for his/her password the last four digits of his/her or his/her 
close relative's birthday or telephone number not to forget it, it is relatively easy for misusers of 
passwords to guess such a password. As a result, they can obtain goods illegally. 
[0008] A problem to be solved by the present invention is to provide an authentication technology 
which does not excessively complicate authentication information held by authenticated member 
users and does not force on member users too many operations than before. An object of the 
inventions according to Claims 1 to 3, and 9 is to provide a personal authentication system which 
does not excessively complicate authentication information held by authenticated member users 
and does not force on member users too many operations than before. 

[0009] An object of the invention according to Claim 4 is to provide a personal authentication 
system which makes it possible to preclude unauthorized users by putting them at a 
disadvantage. An object of the inventions according to Claims 5 and 10 is to provide a personal 
authentication method which does not excessively complicate authentication information held by 
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authenticated member users and does not force on member users too many operations than 
before. 

[0010] An object of the inventions according to Claims 6 and 7 is to provide a personal 
authentication system which does not excessively complicate authentication information held by 
authenticated credit card members and does not force on card members too many operations 
than before. An object of the inventions according to Claim 8 is to provide a personal 
authentication method which does not excessively complicate authentication information held by 
authenticated credit card members and does not force on card members too many operations 
than before. 

[0011] To solve the above-mentioned problems, the applicants provides the inventions according 
to Claims 1 to 10. In the present invention, it is assumed that each authorized member user of 
the system owns a PHS terminal device, a beeper, or a mobile phone, and that each authorized 
member user always has a PHS terminal device, etc. at hand. In the personal authentication 
system and method according to Claims 1 to 8, location information of a PHS terminal device is 
obtained from a PHS carrier; on the basis of the location information, a location of a person who 
makes a contract or transaction using electronic means is identified; and if a connection point 
does not match the location information of the PHS terminal device, the use of the electronic 
means is determined to be unauthorized. 

[0012] In the personal authentication system and method according to Claims 9 and 10, not only 
a PHS terminal device but also a beeper or a common mobile phone can be used, and whether 
the use of electronic means is unauthorized is determined based on the presence or absence of a 
call. 

(Claim 1) The invention claimed in Claim 1 is a personal authentication system for authenticating 
a user, when the user accesses a computer owned by a service provider (for example, on-line 
service provider AA) providing services using information and communication technology, the 
personal authentication system comprising: member data storing means for storing member data; 
member data reading means for reading member data (for example, the address or the domicile 
of a member user); area data obtaining means for obtaining from a PHS carrier (PP) area data 
(D2) of a PHS terminal device (20) owned by a member user; processing means for determining 
whether area data (D2) matches member data; and output means, when as a result of a 
determination of the processing means area data matches member data, for producing an output 
for allowing a user to continue to receive services from a service provider (AA),and when area 
data does not match member data, for producing an output for preventing a user from receiving 
services from a service provider (AA). 

(Definitions of Terms) The "member user" is a member who is authorized to utilize a personal 
authentication system according to the present invention, and who has completed a registration 
to a service provider operating the system (for example, on-line service provider (AA), a bank 
(BB) which issues cash cards, or a credit card company (CC)). The "member user" does not 
include a shop (C1) having a contract with a credit card company (CC) to make credit cards 
usable for shopping in the shop (C1). 

[0013] To receive services from a service provider, a member user needs connecting means (10). 
The connecting means (10) is, for example, means for transmitting "communication signals" 
necessary for communication with a service provider. When the system is applied to an on-line 
service, connecting means refers to hardware such as a personal computer (1 2) and a modem 
(13) and software such as communication software and a password. When the system is applied 
to transactions by cash cards (15) or credit cards (17), connecting means refers to software such 
as a card itself (15, 17), data stored in the card (15, 17), and a personal identification code. A 
cash dispenser (16) for cash cards (15) of a bank or a card reader (18) provided in a shop (C1) 
having a contract with a credit card company (CC) is a part of "connecting means (10)". 
[0014] The "member data" is data pre-stored in a database of a service provider, such as 
addresses or domiciles, or telephone numbers of member users. The "member data storing 
means" refers to not only a storage device pre-storing data but also a device for storing data 
received during communication. When the personal authentication system of the present 
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invention is applied to an on-line service, the "member data" refers to connection point data (D1) 
at the time when a member user starts communication with a service provider using connecting 
means (10) (for example, on-line communication devices such as personal computer 12 and 
modem 13). The "connection point data (D1)", since it refers to the address or the domicile of an 
on-line service member, is registered in an on-line service provider (AA), and is stored in a 
member data database of the on-line service provider (AA). In a case where the connection point 
data (D1) is read at the time of a connection, if a member user goes out with on-line service 
communication devices and establishes communication in a place other than the address or the 
domicile of the member user, the personal authentication system of the present invention works 
effectively. 

[0015] When the system is applied to transactions by cash cards (15) or credit cards (17), 
member data refers to "connection point data (D1)", namely the location of a shop where a 
contract or a transaction is made by a cash card (15) or a credit card (17). In such a case, 
"connection point data (D1)", which corresponds to member data, is registered in a computer 
center (BB) managed by a bank or a card company (CC), and stored in a database. Also, 
"connection point data (D1)" is transmitted from a cash dispenser of a bank branch or a card 
reader (18) of a shop (C2) to a computer center (BB) or a card company (CC). 
[0016] The "area data (D2)" refers to the location of a PHS base station (for example, P1) to 
which a PHS terminal device (20) can connect. Data received by a PHS base station (for 
example, P1) is used as area data D2. Usually, a PHS terminal device (20) sends and receives a 
base station ID to/from a PHS base station (P1) via radio waves periodically. A service provider 
(AA) operating the system obtains area data D2, which is identified based on a base station ID, 
from a PHS carrier (PP) via a PHS base station (P1). 

[0017] When the system is applied to an on-line service, and as shown in Fig. 3 a member user 
uses on-line services by connecting a PHS terminal device (20) to a modem (13) of a personal 
computer (12), "area data" refers to the location of a PHS base station (P3) to which the PHS 
terminal device (20) connects. The "processing means" includes a device, when "member data" 
and "area data" are simple data, for interpreting and collating both data. For example, as shown 
in Fig. 1, if area data (D2) can be obtained from a plurality of PHS base stations (P1, P2), it is 
determined with correcting means whether the area data (D2) matches member data. 
[0018] The "output produced when area data does not match member data" usually refers to an 
output for terminating communication to prevent the continuation of communication or a 
transaction. The output may be an output for putting an unauthorized user at a disadvantage 
when the user continues communication, such as data for rewriting data stored in a credit card to 
make the card unusable. In addition to produce such a output, outputting means may informs an 
authorized member of the possibility of a misuse via a trusted institution. 

[0019] In the personal authentication system according to Claim 1, the following operations are 
performed. When a member user starts communication with a service provider (AA), the 
personal authentication system according to the present invention reads member data of the 
member user with member data reading means. The service provider (AA) obtains from a PHS 
carrier (PP) area data (D2) of a PHS terminal device 20 owned by the member user with area 
data obtaining means. The service provider (AA) determines with processing means whether the 
area data (D2) matches member data pre-recorded in storing means. 

[0020] If the member user has the PHS terminal device (20) at hand, the processing means 
determines that the area data (D2) matches the member data. In such a case, the personal 
authentication system of the present invention determines that the member user is an authorized 
member user, and he/she is allowed to continue to receive services from the service provider 
(AA) by outputting means. 

[0021] When the processing means determines that the member data does not match the area 
data (D2), the personal authentication system of the present invention determines that the 
member user is not an authorized member user. Consequently, the member user is prevented 
from receiving services from the service provider (AA) by the outputting means. This is because, 
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when. the member user does not have at hand a PHS terminal device 20 owned by an authorized 
member user, the access by the member user is very likely to be an unauthorized one. 
[0022] As described above, to enable the personal authentication of the present invention, ail a 
member user has to do is to have his/her PHS terminal device 20 at hand. This does not become 
a burden a member user because a user of a PHS terminal device (20) usually has his/her PHS 
terminal device (20) at hand. 

(Claim 2) The invention claimed in Claim 2, where the invention claimed in Claim 1 is limited to 
an on-line service, is characterized in that a service provider refers to an on-line service provider, 
and member data refers to a connection telephone number to an on-line service. 
[0023] In a case where the registered address or domicile of an on-line service member is used 
as member data, when a user establishes communication using a mobile computer in a place 
other than his home, the user is determined to be an unauthorized member user. Also, every 
time a user changes his address, the user is required to report the address change. In view of 
the above, the telephone number for connecting to an access point is used as member data 
(connection point data D1). This is because an on-line service member usually connects to an 
access point, a connection to which takes the cheapest telephone fee for an on-line service. 
(Claim 3) The invention claimed in Claim 3, which is a technically limited version of the invention 
claimed in Claim 2, is characterized in that connection point data (D1) is entered by a on-line 
service member when connecting to on-line services, 

[0024] When an on-line service member establishes communication using a mobile computer, 
connection point data may not be the address or the domicile of the on-line service member. In 
the invention claimed in Claim 3, connection point data is not obtained as in the case of the 
invention claimed in Claim2, but entered directly by a member user. This is because a user may 
select in view of communication speed an access point, a connection to which does not take the 
cheapest telephone fee. 

(Claim 4) The invention claimed in Claim 4, which is a technically limited version of Claim 1 , 2, or 
3, is characterized in that an output for preventing a user from receiving an on-line services , 
which is produced when area data does not match member data, is an output for putting an on- 
line service member at a disadvantage. 

(Definitions of Terms) The "output produced when area data does not match member data" 
refers to not only a "passive" output which terminates communication, but also an output which 
aggressively impairs the interests of a PC user such as software for freezing a computer used for 
communication or for displaying a warning screen. 

[0025] In the invention according to Claim 4, the following operations are performed. When 
processing means determines that connection point data (D1) does not match area data (D2), in 
the personal authentication system of the present system, it is determined that a user who has 
started communication with a service provider (AA) is not an authorized member user. As a 
result, the user is put at a disadvantage by outputting means. By announcing the possibility of 
suffering a disadvantage, unauthorized users can be precluded. 

(Claim 5) An invention claimed in Claim 5 is a personal authentication method for authenticating 
a user, when the user accesses a computer owned by a service provider (AA) providing services 
using information and communication technology, the personal authentication method 
comprising: a member data reading process for reading member data; a member data storing 
process for storing member data; a area data obtaining process for obtaining from a PHS carrier 
(PP) area data (D2) of a PHS terminal device (20) owned by a member user; a processing 
process for determining whether area data (D2) matches member data; and an output process, 
when as a result of a determination of the processing means area data matches member data, for 
producing an output for allowing a user to continue to receive services from a service provider 
(AA), and when area data does not match member data, for producing an output for preventing a 
user from receiving services from a service provider (AA). 

(Claim 6) An invention claimed in Claim 6 is a personal authentication system comprising: 
connection point data reading means for reading connection point data (D1) via communication to 
a card company (CC) with a card (17) of a credit card member; contract data storing means for 
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pre-storing connection point data (D1) and card contract data; area data obtaining means for 
reading area data (D2) on the basis of an output from a PHS base station available for a PHS 
terminal device (20) owned by a credit card member; area service data storing means for storing 
area service data corresponding to area data (D2); and area service data outputting means for 
outputting area service data. 

(Definitions of Terms) The "communication to a card company (CC) with a card (17) of a credit 
card member" refers to communication for checking the expiration date, etc. using a card reader 
(1 8) and a communication line such as a telephone (1 4) or a dedicated line. 
[0026] The "are service data (D3)" is information which relates to the area where a PHS base 
station (P1) is located, and is useful for users of PHS terminal devices (20). Specifically, "area 
service data (D3)" includes simple and a small amount of data which can be output by a display 
or a speaker of a PHS terminal device (20) such as the name of the nearest station or the 
telephone number of the nearest access point, and a large amount of data which is output to a 
mobile computer connected with a PHS terminal device (20) such as a map of the area or an 
area shopping guide. Since "area service data (D3)" is data only for checking whether a user of a 
credit card is an authorized credit card member, the data is usually a small amount of data. Also, 
since "area service data D3" is provided to users who have completed all purchases, information 
is useful for the users such as the name of the nearest station, the last train time of the station, 
information on events of adjacent shops where the credit card can be used. 
[0027] Area service data (D3) may be output to a PHS terminal device (20) owned by a card 
member as shown in Fig. 6, or output to a device owned by a shop (C1) which has a contract with 
a credit card company (CC) as shown in Fig. 8. The telephone number of a PHS terminal device 
(20) may be transmitted via a card reader (18) and a telephone (14) when conducting 
"communication to a card company (CC) with a card (17) of a credit card member". In such a 
case, if a card user is not an authorized card member, the user is expected to hesitate to tell a 
clerk of a shop of the telephone number of a PHS terminal device (20). 

[0028] The operations of the invention according to Claim 6 will be described below. In the 
personal authentication system of the present invention, when communication to a credit card 
company (CC) is started with a card (17) of a credit card member, connection point data (D1) is 
read by connection point data reading means. The credit card company (CC) reads with area 
data reading means area data (D2) of a PHS terminal device (20) owned by the credit card 
member from a base station (for example, P1) nearest the PHS terminal device (20). The credit 
card company (CC) outputs area service data (D3) corresponding to the area data (D2) from area 
service data storing means. 

[0029] When the card user is an authorized credit card member, the user receives the area 
service data (D3). Consequently, the shop can determine the card user to be an authorized 
credit card member, and makes a bargain with the user. When the card user is not an authorized 
credit card member, the shop can determine the card user not to be an authorized credit card 
member on the basis of the fact that the user can not receive the area service data (D3). This is 
because the user is very likely to be one who has obtained the credit card (17) illegally. 
[0030] As in the invention claimed in Claim 1, to enable the personal authentication of the 
present invention, all a member user has to do is to have his/her PHS terminal device 20 at hand. 
This does not become a burden a member user because a user of a PHS terminal device (20) 
usually has his/her PHS terminal device (20) at hand. 

(Claim 7) The invention claimed in Claim 7, which is a technically limited version of the invention 
claimed in Claim 6, is characterized by comprising determining means which, when area service 
data (D3) is output, determines that a credit card member is allowed to make a bargain by card, 
and when area service data (D3) is not output, determines that a credit card member is not 
allowed to make a bargain by card. 

[0031] In short, In Claim 7, "determining means" has been added to the constituent features of 
Claim 6. In the invention claimed in Claim 6, since a determination by "determining means" may 
be performed by a clerk of a shop, "determining means" is not an indispensable constituent 
feature of Claim 6. 
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(Claim 8) An invention claimed in Claim 8 is a personal authentication method comprising: card 
contract data reading process for reading connection point data (D1) and card contract data via 
communication to a card company (CC) with a card (17) of a credit card member; area data 
obtaining process for reading area data (D2) on the basis of an output from a PHS base station 
available for a PHS terminal device (20) owned by a credit card member; area service data 
outputting process for outputting area service data (D3) corresponding to area data (D2); and 
determining process in which, when area service data (D3) is output, it is determined that a credit 
card member is allowed to make a bargain by card, and when area service data (D3) is not output, 
it is determined that a credit card member is not allowed to make a bargain by card. 
(Claim 9) An invention claimed in Claim 9 is a personal authentication system for authenticating 
a user, when the user accesses a computer owned by a service provider providing services using 
information and communication technology, the personal authentication system comprising: 
connection point data obtaining means for obtaining connection point data of a member user; 
telephone number storing means for pre-storing communication terminals owned by member 
users and telephone numbers of the communication terminals; and authentication call means for 
reading a telephone number stored in the telephone number storing means and calling a 
communication terminal. 

[0032] The "communication terminal" refers to a PHS phone, a beeper, and a common mobile 
phone. 

(Claim 10) An invention claimed in Claim 10 is a personal authentication method for 
authenticating a user, when the user accesses a computer owned by a service provider providing 
services using information and communication technology, the personal authentication method 
comprising: telephone number storing process for pre-storing communication terminals owned by 
member users and telephone numbers of the communication terminals; connection point data 
obtaining process for obtaining connection point data of a member user; and authentication call 
process for reading a telephone number stored in telephone number storing means and calling a 
communication terminal. 
[0033] 

[Embodiments of the invention] The present invention will be explained below with reference to 
embodiments and Figs. 1-10. Fig. 1 is a conceptual diagram of the first embodiment of the 
present invention. Fig. 2 is a flowchart of the first embodiment of the present invention. Fig. 3 is 
a conceptual diagram of the second embodiment of the present invention. Fig. 4 is a conceptual 
diagram of the third embodiment of the present invention. Fig. 5 is a conceptual diagram of the 
fourth embodiment of the present invention. Fig. 6 is a conceptual diagram of the fifth 
embodiment of the present invention. Fig. 7 is a flowchart of the fifth embodiment of the present 
invention. Fig. 8 is a conceptual diagram of the sixth embodiment of the present invention. Fig. 9 
is a conceptual diagram of the seventh embodiment of the present invention. Fig. 10 is a 
flowchart of the seventh embodiment of the present invention. 

(The first embodiment) The first embodiment of the present invention will be explained with 
reference to Figs. 1 and 2. This first embodiment relates to a personal authentication system and 
method for authenticating a user when the user accesses a computer owned by on-line service 
provider AA providing services using information and communication technology. 
[0034] To receive services provided by on-line service provider AA, a user is required to register 
the name, the address or the domicile, and a telephone number with on-line service provider AA. 
When a user completes the registration, the user become a member user. On-line service 
provider AA records in database (DB) member data (for example, the address or the domicile of a 
member). To receive services provided by on-line service provider AA, a member user 
establishes communication using hardware such as personal computer 12, modem 13, and 
telephone 14; communication software; a password arranged between the member user and on- 
line service provider AA; etc. When establishing communication, an appropriate access point is 
selected among access points A1, A2, A3, ... provided by on-line service provider AA in view of 
the distance, transmission speed, etc. 
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[0035] In this system, since a member user is assumed to own PHS terminal device 20, on-line 
service provider AA registers and records the telephone number or the identification number of 
PHS terminal device 20 as member data. PHS carrier (PP) locates a plurality of base stations P1 , 
P2, P3, ... in the area, and each of base stations P1, P2, and P3 transmits via radio waves to 
PHS terminal device 20 information indicating a base station to be used in view of the current 
location of PHS terminal device 20. Therefore, for each PHS terminal device 20, the closest base 
station can be identified. 

[0036] When a user starts to use an on-line service, on-line service provider AA reads member 
data of the user using the member data reading means. In this embodiment, on-line service 
provider AA, on the basis of the password, etc. of the user, accesses member data recorded in 
database (DB) to read the address or the domicile of the user. 

[0037] Also, on-line service provider AA obtains from PHS carrier (PP) area data D2 which is 
information on a location of PHS terminal device 20 owned by the user. If both of base stations 
P1 and P2 are closer to PHS terminal device 20, correcting means provided in PHS carrier (PP) 
or on-line service provider AA selects either of radio waves Q1 and Q2 as area data D2. 
[0038] On-line service provider AA is provided with processing means for determining whether 
member data matches area data D2. On-line service provider AA determines with the processing 
means whether member data matches area data D2. As a result of the determination, when 
member data matches area data D2, on-line service provider AA produces an output for allowing 
a user to continue to receive services from on-line service provider AA. When member data does 
not match area data D2, on-line service provider AA produces an output for preventing a user 
from receiving services from on-line service provider AA. In this embodiment, on-line service 
provider AA produces an output for unilaterally terminating the receipt of an on-line service. 
[0039] When the user has PHS terminal device 20 at hand, the processing means determines 
that the member data matches area data D2. In such a case, the personal authentication system 
according to the present embodiment determines the user to be an authorized member user, and 
the user is allowed to continue to receive the on-line service by the outputting means. 
[0040] On the other hand, a determination by the processing means that the member data does 
not match area data D2 indicates that the user does not have PHS terminal device 20 owned by 
an authorized member user at hand. Since it is unlikely that a user does not have his/her PHS 
terminal device 20 at hand, the access by the user is very likely to be an unauthorized one. 
(The second embodiment) The second embodiment will be explained with reference to Fig. 3. 
[0041] In the first embodiment, on-line service provider AA accesses member data on the basis 
of the password, etc. of a user to read the address or the domicile of the user. Consequently, 
when a user goes out with PHS terminal device 20 and establishes communication using a 
mobile computer in a place other than the address or the domicile, it is determined that the 
member data of the user does not match area data D2. Therefore, in the second embodiment, 
instead of addresses or domiciles recorded in a database, the telephone number of access point 
A1 (connection point data D1) is read as member data. Consequently, if a user goes out with a 
communications device and establishes communication in a place other than the address or the 
domicile, this personal authentication system works effectively. 

[0042] Connection point data D1 may be input directly by a member. This is because a member 
may select in view of transmission speed an access point, a connection to which does not take 
the cheapest telephone fee. 

(The third embodiment) The third embodiment will be explained with reference to Fig. 4. 
[0043] In the third embodiment, a personal authentication system of the present invention is 
applied to transactions by cash card 15 issued by a bank. "Member data" refers to connection 
point data D1, namely the location of branch bank B1 where transactions by cash card 15 is 
performed. Fig. 4 shows that a user draws out cash from cash dispenser 16 with cash card 15. 
[0044] When a user inserts cash card 15 into cash dispenser 16 and enters his/her personal 
identification code, cash dispenser 16 sends connection point data D1 to computer center BB. 
Computer center BB obtains from PHS carrier (PP) area data D2 of PHS terminal device 20 of an 
owner of cash card 15, and determines whether connection point data D1 matches area data D2. 
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When it is determined that connection point data D1 matches area data D2, computer center BB 
produces an output for allowing the user to draw out cash. When it is determined that connection 
point data D1 does not match area data D2, computer center BB produces an output to cash 
dispenser 16 for preventing the user from drawing out cash. 

(The fourth embodiment) The fourth embodiment will be explained with reference to Fig. 5. 
[0045] In the fourth embodiment, a personal authentication system of the present invention is 
applied to transactions by credit card 17 issued by credit card company CC. "Member data" 
refers to connection point data D1, namely the location of shop C1 which has a card use contract 
for making credit card 17 usable in shop C1. Fig. 5 shows that when a user purchases goods by 
credit card 17, card reader 18 inquiring for the expiration date, etc. of credit card 17 reads credit 
card 1 7. 

[0046] Card reader 18, when reading magnetically recorded information of credit card 17, sends 
the information to credit card company CC via telephone 14 (or a dedicated line). Credit card 
company CC reads card use contract data. Also, credit card company CC obtains from PHS 
carrier (PP) area data D2 of PHS terminal device 20 of an owner of credit card 17, and 
determines whether connection point data D1 matches area data D2. When it is determined that 
connection point data D1 matches area data D2, credit card company CC produces an output for 
allowing the user to use credit card 17. When it is determined that connection point data D1 does 
not match area data D2, credit card company CC produces an output to card reader 18 for 
preventing the user from using credit card 17. 

(The fifth embodiment) The fifth embodiment will be explained with reference to Figs. 6 and 7. In 
the fifth embodiment, a personal authentication system of the present invention is applied to 
transactions by credit card 17 issued by credit card company CC, and the fifth embodiment is a 
modification of the fourth embodiment. 

[0047] The fifth embodiment differs from the fourth embodiment in having a system where 
service data is output to PHS terminal device 20 which should be possessed by a user of credit 
card 17. In the fifth embodiment, there exist area service data storing means for storing area 
service data corresponding to area data D2 and area service data outputting means for outputting 
area service data D3 to PHS terminal device 20 of a credit card member. 

[0048] In the fifth embodiment, card reader 18 is provided with determining means 19 for 
connecting to PHS terminal device 20 and determining whether area service data D3 has been 
output to PHS terminal device 20. "Area service data D3" is information which relates to the area 
where PHS base station P1 is located, and is useful for a user of PHS terminal device 20. 
Specifically, "area service data D3" is the name of the nearest station, the last train time of the 
station, information on events of adjacent shops where credit card 17 can be used, since it is 
provided to users who has completed all purchases. 

[0049] In the present embodiment, when a card user is an authorized credit card member, the 
user receives area service data D3 with PHS terminal device 20 at hand. When the receipt is 
recognized by determining means 19, shop C1 can determine the card user to be an authorized 
credit card member, and makes a bargain with the user. If the user is not an authorized credit 
card member, determining means 19 is to determine that the user can not receive area service 
data D3 with PHS terminal device 20 at hand. On the basis of the determination, shop C1 can 
determine the card user not to be an authorized credit card member. This is because the user is 
very likely to be one who has obtained credit card 17 illegally. 

(The sixth embodiment) The sixth embodiment will be explained with reference to Fig. 8. 
[0050] In the sixth embodiment, a personal authentication system of the present invention is 
applied to transactions by credit card 17 issued by credit card company CC, and the sixth 
embodiment is a modification of the fifth embodiment. The sixth embodiment differs from the fifth 
embodiment in that area service data D3 is output to speaker 19 connected to a device of shop 
C1 such as card reader 18. When area service data D3 is not output or does not relate to the 
area where shop C1 is located, a transaction by credit card 17 is suspended. 
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[0051] In the above-mentioned first to sixth embodiments, all a user has to do for personal 
authentication is to have PHS terminal device 20 at hand. A user is never required to remember 
a new personal identification code or to carry a new key with the user. 

(The seventh embodiment) The seventh embodiment will be explained with reference to Figs. 9 
and 10. 

[0052] In the seventh embodiment, a personal authentication system of the present invention is 
applied to transactions by credit card 17 issued by credit card company CC. Also, in this 
personal authentication system which has a simplified configuration, not only PHS terminal 
devices but also beepers or common mobile phones can be used. In the seventh embodiment, 
telephone numbers of PHS terminal devices 20 of member users are pre-recorded in a database. 
When a user purchases goods by credit card 17, information recorded in credit card 17 is read by 
card reader 1 8, connection point data D1 is sent to credit card company CC via a communication 
line of shop C1 such as telephone 14. Credit card company CC, when obtaining connection point 
data D1, reads the telephone number of the user recorded in the database, and calls PHS 
terminal device 20 for authenticating the user. 

[0053] When PHS terminal device 20 of the user receives a call for authentication from credit 

card company CC, a clerk of shop C1 presumes on the basis of the call reception the user to be 

an authorized member and accepts the transaction by credit card 17. When a call for 

authentication is not received, a clerk of shop C1 presumes the user not to be an authorized 

member and tells the user that the transaction by credit card 17 cannot be accepted. 

[0054] PHS terminal device 20, which is used as a mobile communication terminal in the seventh 

embodiment, may be a beeper or a common mobile phone. In the seventh embodiment, all a 

user has to do for personal authentication is to have PHS terminal device 20 at hand. A user is 

never required to remember a new personal identification code or to carry a new key with the 

user. 

[0055] 

[Effects of the Invention] According to the inventions claimed in Claims 1 to 3, and Claim 9, a 
personal authentication system is provided which does not excessively complicate authentication 
information held by authenticated member users and does not force on member users too many 
operations than before. According to the invention claimed in Claim 4, a personal authentication 
system is provided which makes it possible to preclude unauthorized users by putting them at a 
disadvantage. 

[0056] According to the inventions claimed in Claims 5 and 10, a personal authentication method 
is provided which does not excessively complicate authentication information held by 
authenticated member users and does not force on member users too many operations than 
before. According to the inventions claimed in Claims 6 and 7, a personal authentication system 
is provided which does not excessively complicate authentication information held by 
authenticated credit card members and does not force on card members too many operations 
than before. 

[0057] According to the invention claimed in Claim 8, a personal authentication method is 
provided which does not excessively complicate authentication information held by authenticated 
credit card members and does not force on card members too many operations than before. 
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